views:

141

answers:

3

I am using the Kohana 3 framework, and am using the native session driver.

For some reason, occasionally the sessions fail to write to their file.

Warning: session_start() [function.session-start]: open(/tmp/sess_*****, O_RDWR) failed: Permission denied (13) in /home/site/public_html/system/classes/kohana/session/native.php  on line 27

I am pretty sure Kohana has its own in built error handler, but it is not triggered with this error (i.e. it shows up like a normal PHP error, not the Kohana error).

PHP error

Anyone that has ever used Kohana will notice this seems to have bypassed Kohana's error handling (perhaps set with set_error_handler()).

Is there anyway to stop this error from appearing without switching from the native session (i.e. file based) driver?

Should I just give good practice the boot and prepend an @ error suppressor to session_start() in the core code of Kohana? Should I relax the error_reporting()?

Thanks

A: 

This means your php interpreter has no write permissions in /tmp. Ask your server administrator to fix that - it's unrelated to your app.

In case there are collisions with session files from different php processes (running under different users): Giving them different session temp dirs would help. For example, you could move them away from /tmp to /path/to/homedir/phptmp and use a structure like that:

/path/to/homedir/
/path/to/homedir/htdocs
/path/to/homedir/phptmp
/path/to/homedir/logs
ThiefMaster
He said *occasionally*...
animuson
See my second part of the answer ;)
ThiefMaster
+1  A: 

It's up to php's session.save_path directive, you can override it to some writable folder in php.ini, or you can try this in your .htaccess;

 php_value session.save_path '/path/to/folder/you/can/write'

Edit: just so I don't forget, put your custom session folder level below the htdocs/public_html/whatever.

Although, all this is a little overkill since you can ask your server admin politely to check what's the problem with permissions.

Kemo
+1  A: 

You call ini_set('session.save_path', APPPATH.'sessions') (replace APPPATH.'sessions' with the directory you want) in bootstrap.php to force sessions to be written to application/sessions. This will increase the security of using native sessions and should solve your issue.

shadowhand
Thanks Shadowhand, always good to have an answer from you +1
alex